firefox-52.0-5.0.1.el7.AXS7
エラータID: AXSA:2017-1350:02
Release date:
Monday, March 20, 2017 - 17:49
Subject:
firefox-52.0-5.0.1.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
Security issues fixed with this release:
CVE-2017-5428
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Solution:
Update package.
CVEs:
CVE-2017-5428
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
Additional Info:
N/A
Download:
SRPMS
- firefox-52.0-5.0.1.el7.AXS7.src.rpm
MD5: 4114048ea58207be0ff5a265ab28722a
SHA-256: 7b9f15e0fe8937882d399a9e368f9c358dc8cedd1e45f59e56c644b3ddc2ebc3
Size: 365.88 MB
Asianux Server 7 for x86_64
- firefox-52.0-5.0.1.el7.AXS7.x86_64.rpm
MD5: 595b27c177b61505fc688afc088447a4
SHA-256: 82f6802f27ede0ab7b789d29842b9a0eb890176c5430450f5fd8d63a874761fb
Size: 83.29 MB - firefox-52.0-5.0.1.el7.AXS7.i686.rpm
MD5: aae403fa4e6c37bd841e6f2dd02def05
SHA-256: ec512088118e887ebe618d14ca689095a4bd0579ff9aca738b31518d5182a2c7
Size: 83.54 MB